This repository has been archived by the owner on Jul 16, 2022. It is now read-only.

Custom JSON-Web-Token AWS Lambda Authorizer function for Amazon API Gateway with Bearer JWT


serverlessbuch/jwtAuthorizr


jwtAuthorizer - Custom JWT AWS Lambda Authorizer for Amazon API Gateway

A Custom Authorizer AWS Lambda function for Amazon API Gateway which takes a JSON Web Token (JWT) in Bearer format from the Authorization HTTP header.

Read more about Custom Authorizers at AWS Docs.

The JWT's signature is verified against a secret (in the case of HMAC-based HS* signing algorithms), and some other claims are checked as well (at least audience and issuer should be).

The jwtAuthorizr Lambda function makes use of the awesome jsonwebtoken package on npm.

Secret and claims can differ for each deployment stage. In this example, the jwtAuthorizr Lambda function reads them from environment variables, which should be baked into the function deployment for each stage. Lambda could also load them from elsewhere, e.g. S3 or DynamoDB.

The token in the test event in test.json uses these secrets and claims:

  • iss: dasniko
  • aud: demo
  • secret: secret
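
The check described above, as an added sketch that is not the repository's own code: it verifies an HS256 Bearer token by hand with Node's built-in `crypto` module (the project delegates this to jsonwebtoken), pins the algorithm, checks issuer and audience, and fails closed with a Deny policy. The function names and the `cfg = { secret, iss, aud }` shape are assumptions; in a deployment `cfg` would be filled from the stage's environment variables.

```javascript
// Added example: HS256 verification written out with Node's crypto module so it
// runs without dependencies; the project itself uses the jsonwebtoken package.
const crypto = require('crypto');

const b64url = (buf) => Buffer.from(buf).toString('base64url');
const hmac = (data, secret) => crypto.createHmac('sha256', secret).update(data).digest();

// Helper for building constructed sample tokens (not part of an authorizer).
function sign(payload, secret, header = { alg: 'HS256', typ: 'JWT' }) {
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(payload))}`;
  return `${input}.${b64url(hmac(input, secret))}`;
}

// Returns the claims or throws. cfg = { secret, iss, aud } is a hypothetical shape.
function verify(token, cfg, now = Math.floor(Date.now() / 1000)) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, s] = parts;
  const header = JSON.parse(Buffer.from(h, 'base64url').toString());
  // Pin the algorithm: the token's own header must not choose it (rejects alg=none).
  if (header.alg !== 'HS256') throw new Error('unexpected alg');
  const expected = hmac(`${h}.${p}`, cfg.secret);
  const given = Buffer.from(s, 'base64url');
  // Constant-time comparison; timingSafeEqual requires equal lengths.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected))
    throw new Error('bad signature');
  const claims = JSON.parse(Buffer.from(p, 'base64url').toString());
  if (claims.iss !== cfg.iss) throw new Error('bad issuer');
  const aud = [].concat(claims.aud ?? []); // aud may be a string or an array
  if (!aud.includes(cfg.aud)) throw new Error('bad audience');
  if (typeof claims.exp === 'number' && claims.exp <= now) throw new Error('expired');
  return claims;
}

// Entry point for an API Gateway TOKEN authorizer event.
function authorize(event, cfg, now) {
  const m = /^Bearer ([\w-]+\.[\w-]+\.[\w-]+)$/.exec(event.authorizationToken || '');
  let effect = 'Deny', principalId = 'anonymous';
  try {
    if (!m) throw new Error('no bearer token');
    principalId = verify(m[1], cfg, now).sub || 'user';
    effect = 'Allow';
  } catch (e) { /* fail closed: any error leaves effect = 'Deny' */ }
  return { principalId, policyDocument: { Version: '2012-10-17', Statement: [
    { Action: 'execute-api:Invoke', Effect: effect, Resource: event.methodArn }] } };
}
```
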
